
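# Create GitHub Action Secrets for your version of the application:
# DEBRICKED_TOKEN should be an API Access Token from your Debricked tenant.
# The secret name must match exactly what the scan step reads below
# (secrets.DEBRICKED_TOKEN); a misspelled secret yields an empty token and
# an authentication failure at scan time, not a workflow error.
name: OSS SCA with Debricked
on:
  # push: runs on any branch, but only when build.gradle changes
  # (the '**' branch filter is effectively "all branches").
  # pull_request: runs for PRs targeting main or develop, with no path filter.
  push:
    paths:
      - 'build.gradle'
    branches:
      - '**' # matches every branch
  pull_request:
    branches: [ main, develop ]
  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:
    inputs:
      runDebrickedScan:
        description: 'Carry out SCA scan using Debricked'
        required: true
        default: 'true'
# Least privilege for the job's GITHUB_TOKEN: this workflow only checks out the
# repository and talks to Debricked with its own API token, so read access to
# repository contents is all it needs. Without this block the token inherits the
# repository's default (often write) permissions.
permissions:
  contents: read
# Global environment variables
env:
  DEFAULT_APP_NAME: "IWA-API"
  GRADLE_VERSION: "7.3"
jobs:
  Debricked-SCA:
    runs-on: ubuntu-latest
    # push and pull_request runs always execute; a manual run executes only when
    # the runDebrickedScan input is the string 'true'.
    if: ${{ (github.event_name == 'push') || (github.event_name == 'pull_request') || (github.event.inputs.runDebrickedScan == 'true') }}
    steps:
      # NOTE(review): the third-party actions below are pinned to moving tags
      # (@v4, @v3, @v1.2.1). For supply-chain hardening, pin each to a full
      # commit SHA and keep the tag in a trailing comment so Dependabot can
      # still track updates.
      - uses: actions/checkout@v4
      # Java is required to run the various Fortify utilities.
      # Setup JDK 11 on host
      - uses: actions/setup-java@v4
        with:
          distribution: 'temurin'
          java-version: '11'
      # Install appropriate version of Gradle (version string kept quoted so
      # YAML does not parse "7.3" as a float).
      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v3
        with:
          gradle-version: ${{ env.GRADLE_VERSION }}
      # Install Fortify/Debricked tools.
      # NOTE(review): 'latest' for fcli and debricked-cli makes runs
      # non-reproducible and pulls whatever the upstream publishes next; pin
      # both to a validated version once the pipeline is stable.
      - name: Setup Fortify tools
        uses: fortify/github-action/[email protected]
        with:
          export-path: true
          fcli: latest
          debricked-cli: latest
      # Run the scan against the checked-out tree. The token is injected through
      # the step-level env (GitHub masks it in logs) and is never hard-coded;
      # lock files and compiled test classes are excluded from the upload.
      - name: Run debricked scan
        shell: bash
        run: |
          debricked scan --callgraph -r "${DEFAULT_APP_NAME}" --access-token="${DEBRICKED_TOKEN}" -e "*/**.lock" -e "**/build/classes/test/**" -e "**/target/classes/test-classes/**" .
        env:
          DEBRICKED_TOKEN: ${{ secrets.DEBRICKED_TOKEN }}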